Follow this blog Administration + Create my blog
Cisco & Cisco Network Hardware News and Technology

cisco switches - cisco firewall

To Read about the Cisco Nexus 5548P Switch

December 12 2014 , Written by Cisco & Cisco Router, Network Switch Published on #Cisco Switches - Cisco Firewall

Cisco Nexus 5548P Switch, the first platform in the Cisco Nexus 5500 Switches, is a one-rack-unit (1RU), 1 and 10 Gigabit Ethernet and FCoE access-layer switch built to provide 960 Gbps of throughput with very low latency. It has 32 fixed 1 and 10 Gigabit Ethernet ports that accept modules and cables meeting the Small Form-Factor Pluggable Plus (SFP+) form factor. One expansion module slot can be configured to support up to 16 additional 1 and 10 Gigabit Ethernet ports or 8 Fibre Channel ports plus 8 1 and 10 Gigabit Ethernet ports. The switch has a single serial console port and a single out-of-band 10/100/1000-Mbps Ethernet management port. Two N+N redundant, hot-pluggable power supplies and two N+N redundant, hot-pluggable fan modules provide highly reliable front-to-back cooling.

Cisco Nexus 5548P-

All ports are at the rear of the switches, simplifying cabling and reducing cable length. Cooling is front-to-back, supporting hot- and cold-aisle configurations that help increase cooling efficiency. The front panel includes status indicators and hot swappable, N+N redundant power supplies and their power entry connections and cooling modules. All serviceable components are accessible from the front panel, allowing the switch to be serviced while in operation and without disturbing network cabling.

Cisco Nexus 5548P Rear Panel

Cisco Nexus 5548P Rear Panel

Cisco Nexus 5548P Front Pane

Cisco Nexus 5548P Front Pane

The Cisco Nexus 5500 platform is equipped to support expansion modules that can be used to increase the number of 10 Gigabit Ethernet and FCoE ports or to connect to Fibre Channel SANs with 1/2/4/8-Gbps Fibre Channel switch ports, or both. The Cisco Nexus 5548P supports one expansion module from the following offerings:

• Ethernet module that provides sixteen 1 and 10 Gigabit Ethernet and FCoE ports using the SFP+ interface

Ethernet Expansion Module

Ethernet Expansion Module

• Fibre Channel plus Ethernet module that provides eight 1 and 10 Gigabit Ethernet and FCoE ports using the SFP+ interface, and 8 ports of 1/2/4/8-Gbps native Fibre Channel connectivity using the SFP interface

Combination Expansion Module


The Cisco Nexus 5548P control plane runs Cisco NX-OS Software on a dual-core 1.7-GHz Intel Xeon Processor C5500/C3500 Series with 8 GB of DRAM. The supervisor complex is connected to the data plane in-band through two internal ports running 1-Gbps Ethernet, and the system is managed in-band, or through the out-of-band 10/100/1000-Mbps management port. Table 1 summarizes the control-plane specifications.

Cisco Nexus 5548P Control Plane Components




1.7 GHz Intel Xeon Processor C5500/C3500 Series

(dual core)


8 GB of DDR3 in two DIMM slots

Program storage

2 GB of eUSB flash memory for base system storage

Boot and BIOS flash memory

8 MB to store upgradable and golden image

On-board fault log

64 MB of flash memory to store hardware-related fault and reset reasons


6 MB of SRAM to store syslog and licensing information

Management interface

RS-232 console port and 10/100/1000BASE-T mgmt0

The Cisco Nexus 5548P is equipped with seven UPCs: six to provide 48 ports at 10 Gbps, and one used for connectivity to the control plane. Figure 6 shows the connectivity between the control plane and the data plane.

Cisco Nexus 5548P Data Plane and Control Plane Architecture



More details about Cisco Nexus 5500 and Nexus 5548P you can read her http://www.cisco.com/c/en/us/products/collateral/switches/nexus-5548p-switch/white_paper_c11-622479.html


More Related Cisco Nexus 5500 Switch Review and Overview

Cisco Nexus 5500 Overview, More Models, Features and Comparison

The Viable Cisco Nexus 5500 Core Switch for the Midsized Enterprise

How to Move Cisco’s Catalyst 6500 to the Nexus 9000?

Nexus 9000 vs. Nexus 7000

Cisco Nexus 9000 Models Comparison: Nexus 9500 & Nexus 9300 Series

Three Cisco Nexus 9300 Models Overview

The 8-slot Nexus 9508 Switch Review

Cisco 9500 Nexus Switch Overview-Model Comparison

Cisco Nexus 9000 Series Switches Overview

Read more

Cisco ACI Mode

October 8 2014 , Written by Cisco & Cisco Router, Network Switch Published on #Cisco Switches - Cisco Firewall

The Nexus 9000 family of switches will operate in one of two modes:

NXOS Mode–If you’ve worked with Cisco’s DC switches like the Nexus 7K or 5K, this should be very familiar to you. In this mode, you essentially have a 10GbE or 40GbE switch, with the features that are baked into that

In NXOS Mode, all of the additional custom ASICs that are present on the switch fabric are used primarily for enhancing the functionality of the merchant silicon platform, such as increasing buffer space, etc.

ACI Mode–This is a completely different mode of operation for the Nexus 9000 switch. In this mode, the switch participates in a leaf-spine based architecture that is purely driven by application policy. It is in this mode that we are able to define application relationships, and imprint them onto the fabric.


ACI is meant to provide that translation service between apps and the network.


As mentioned before, also pointed out in the article Cisco Nexus 9000 Series Switches Overview, the second mode that the Nexus 9000 series operates in, is ACI mode. This mode allows for enhanced programmability across a complete fabric of Nexus 9000 switches. With ACI as the SDN solution on top, the fabric acts like one big switch–forwarding traffic using a myriad of policies that you can configure.

  • 1/10G Access & 10/40G Aggregation (ACI)

48 1/10G-T & 4 40G QSFP+ (non blocking)–meant to replace end-of-rack 6500’s

36 40G QSFP+ (1.5:1 oversubscribed)–used as a leaf switch, think end of rack

  • 40G Fabric Spine (ACI)

36 40G QSFP+ for Spine deployments (non blocking, ACI only)

1,152 10G ports per switch

  • 36 spine ports x 8 line cards=288 leaf switches per spine
  • Leaf switches require 40G links to the spine


The line cards that support ACI will not be released until next year.

Spine line cards

  • 36x 40G ports per line card and no blocking

Supervisor Modules

  • Redundant half-width supervisor engine
  • Common for 4, 8 and 16 slot chassis (9504, 9508, and 9516)
  • Sandy bridge quad core 1.8 GHz
  • 16GB RAM
  • 64GB SSD

System controllers

  • Offloads supervisor from switch device management tasks
  • Increased system resilience & scale
  • Dual core ARM 1.3GHz
  • EoBC switch between Sups and line cards
  • Power supplies via SMB (system management bus)

Fabric Extenders

  • Supports 2248TP, 2248TP-E, 2232PP-10G, 2232TM-10G , B22-HP, B22-Dell


Reference From http://keepingitclassless.net/2013/11/insieme-and-cisco-aci-part-1-hardware/


More Cisco ACI Mode Topics

Cisco ACI, What is It?

Cisco Nexus 9000 Series Switches Overview

Cisco 9500 Nexus Switch Overview-Model Comparison

The 8-slot Nexus 9508 Switch Review

Read more

Cisco Catalyst 4500-X 10GE Modular Switch Review

September 2 2014 , Written by Cisco & Cisco Router, Network Switch Published on #Cisco Switches - Cisco Firewall

Cisco Catalyst 4500-X Series Switches, the fixed 10GE aggregation switch, help you easily meet business growth objectives.

The Catalyst 4500-X series looks similar to the Cisco Nexus 5000 series switches, but actually it is definitely more of a campus LAN switch, rather than the Nexus data center line. There are two base configurations-a 16-port and a 32-port 10GE models. Each model has an expansion slot that currently supports an 8-port 10GE uplink model (Cisco datasheets suggest that a 40GE uplink module is on the roadmap).



Similar to the Nexus 5000s, the 4500-X ports support SFP+ 10GE optics along with 1GE SFP modules.The 4500-X supports both IPv4 and IPv6 routing in hardware, along with support for VRF-Lite and “Easy Virtual Network” (EVN) features. (The Nexus 5000s require an additional expansion module for layer 3 support).


VSS on Cisco 4500-X Series

The most intriguing feature in the 4500-X may be built-in VSS (“Virtual Switch System”) support. Two 4500-X switches can be linked by 10GE ports and configured as a single logical switch. This simplifies configuration while providing a higher level of availability. It also allows ether-channels to be be built across two switches (for link redundancy and performance while eliminating the need to build spanning-tree triangles). The VSS feature has previously been reserved for the 6500 chassis with Supervisor 720s. The 4500-X therefore offers a much more cost effective way to provide a highly available distribution layer (or even a core for smaller environments that want a 10GE backbone).



The Cisco 4500-X is an intriguing new solution as an aggregation switch for campus LANs that want to bring in 10GE uplinks without the cost or complexity of a chassis based switch. VSS capabilities in particularly allow for a dual switch redundant solution that logically functions as a single switch—a solution that up until now has required a much more expensive chassis based switch.


Quick Look at the Specifications of Cisco 4500-X Switch

Total 1 Gigabit or 10 Gigabit Ethernet ports

Up to 40

Hot-swap Uplink Module

8 x 10 GE


1 rack unit

Hot-swap, Redundant Power Supplies and Fans


System Power Consumption

~ 330 W

Integrated Services

Cisco Flexible NetFlow, Medianet, Cisco TrustSec

Reference from http://architechnic.net/architechnic/2012/3/6/new-cisco-catalyst-4500-x-10ge-modular-switch.html


More Related

Cisco Catalyst 4500-X Series Switch Family

Cisco 4500 VSS Requirement-Software, Hardware and Licensing

Cisco Catalyst 4500E Supervisor Engine 8-E Review

VSS on Cisco 4500/4500X Switches

Read more

Cisco ASA 5500-X Model Comparison: ASA 5525-X vs. ASA 5545-X vs. ASA 5555-X

July 30 2014 , Written by Cisco & Cisco Router, Network Switch Published on #Cisco Switches - Cisco Firewall

Compared with the previous ASA 5500 series, Cisco ASA 5500-X next-generation firewall has some new features, for example, it provides services such as Application Visibility and Control (AVC) Services to control specific behaviors within allowed micro-applications, Web Security Essentials (WSE) Services to restrict web and web application usage based on reputation of the site and Intrusion Prevention (IPS) to provide critical threat protection from internet edge related attacks on your personal use computing systems. Through Cisco Security Intelligence Operations (SIO)*, these services provide web reputation that protects against zero-day threats.

  1. Cisco Prime Security Manager can now be used to centrally manage core ASA-X features along with Next-Generation services such as Application Visibility and Control, Web Security and IPS.
  2. ASA IPS is the only context aware IPS that uses device awareness, network reputation of the source, target value and user identity to drive mitigation decisions and provides a proactive protection against threats. It uses a combination of on- and off-box intelligence and does not require an additional hardware module.
  3. •4x increase in firewall throughput protects users as their current and future data consumption demands increase.
  4. •Redundant power supplies (on the ASA 5545-X and 5555-X appliances) protect against power outages.
  5. •Multicore enterprise-class CPUs deliver better performance.
  6. •Additional copper and small form-factor pluggable (SFP) Gigabit Ethernet ports provide greater flexibility for network configuration.
  7. •Cisco Cloud Web Security provides unmatched web security, application visibility and control for organizations of all sizes through a network of global data centers.
  8. •Cisco AnyConnect enables seamless secure remote access by providing an always-on secure connectivity experience across a broad set of desktop and mobile devices.


Your business, regardless of size, can get an end-to-end network security solution with the Cisco ASA 5500-X Series Next-Generation Firewalls. Cisco ASA 5525-X, ASA 5545-X or ASA 5555-X model? There is a Cisco ASA 5500-X series firewalls comparison table showing you the difference, which make you find the right one.

Cisco ASA Model

ASA 5525-X

ASA 5545-X

ASA 5555-X


Stateful Inspection throughput (max1)

2 Gbps

3 Gbps

4 Gbps

Stateful Inspection throughput (multiprotocol2)

1 Gbps

1.5 Gbps

2 Gbps

Next-Generation throughput3(multiprotocol)

650 Mbps

1 Gbps

1.4 Gbps

ASA IPS throughput4

600 Mbps
(Extra hardware module not required)

900 Mbps
(Extra hardware module not required)

1.3 Gbps
(Extra hardware module not required)

Concurrent sessions




Connections per second




Packets per second (64 byte)




3DES/AES VPN throughput5

300 Mbps

400 Mbps

700 Mbps

Site-to-site and IPsec IKEv1 client VPN user sessions




AnyConnect or clientless VPN user sessions6(AnyConnect license required)




Cisco Cloud Web Security users








High-availability support7

A/A and A/S

A/A and A/S

A/A and A/S

Integrated I/O

8-port 10/100/1000

8-port 10/100/1000

8-port 10/100/1000

Expansion I/O

6-port 10/100/1000 or 6-port GE (SFP)

6-port 10/100/1000 or 6-port GE (SFP)

6-port 10/100/1000 or 6-port GE (SFP)

Dual Power Supplies

Not available







1Maximum throughput with UDP traffic measured under ideal test conditions
2Multiprotocol = Traffic profile consisting primarily of TCP-based protocols or applications like HTTP, SMTP, FTP, IMAPv4, BitTorrent, and DNS.
3Throughput was measured using ASA CX Software Release 9.1.1 with multi-protocol traffic profile with both Application Visibility Control (AVC) and Web Security Essentials (WSE). Traffic logging was enabled as well.
4Firewall traffic that does not go through IPS service can have higher throughput.
5VPN throughput and sessions count depend on the ASA device configuration and VPN traffic patterns. These elements should be taken into consideration as part of your capacity planning. Maximum throughput numbers are based on IPsec IKEv1 Remote Access VPN Connectivity
62 AnyConnect Premium User Licenses are included by default
7A/A = Active/Active; A/S = Active/Standby


More Related Cisco ASA Firewall Topics:

Does Cisco ASA 5500-X Series Support Both IPS and AVC/WSE in One Box?

ASA 5505 vs. ASA 5510 vs. ASA 5512-X vs. ASA 5515-X

Cisco ASA5510 Vs ASA5512-X or Cisco 5515-X

Cisco ASA 5500-X vs. ASA 5500

Read more

Basic ASA 5505 Configuration

July 28 2014 , Written by Cisco & Cisco Router, Network Switch Published on #Cisco Switches - Cisco Firewall

In this article we will share the basic information and tips of the ASA 5505 Firewall Configuration. As we known, Cisco ASA devices can be configured and managed using either the command-line interface (CLI) or the Adaptive Security Device Manager (ASDM) GUI.

The ASA CLI is a proprietary OS which has a similar look and feel to the router IOS.

There are many similar commands between the ASA CLI and the IOS CLI. There are also many different commands.

The Cisco ASA contains a command set structure similar to that of a Cisco IOS router and offers the following access modes:

User EXEC mode - ciscoasa> en
Privileged EXEC mode - ciscoasa# config t
Global configuration mode - ciscoasa(config)# 
Various sub-configuration modes, for example - ciscoasa(config-if)#
ROMMON mode - ROMMON>    (Read-Only-Memory Monitor mode)


Unlike an ISR, the ASA performs as follows:
-Execute any ASA CLI command regardless of the current configuration mode prompt. The IOS "do" command is not required or recognized.
-Provide a brief description and command syntax when help is entered followed by the command. For example, typing help reload will display the command syntax for reload, a description, and the supported arguments.
-Interrupt show command output using Q. The IOS requires the use of Ctrl+C (^C).

In ROMMON mode, an administrator can use a TFTP server to load a system image into the security appliance. ROMMON mode is also used to recover the system password.

IOS Router Command

Equivalent ASA Command

erase startup-config

write erase

enable secret

enable password

line con 0
 password password

passwd password

show ip interfaces brief

show interfaces ip brief

show ip route

show route

show ip nat translations

show xlate

show vlan

show switch vlan

ip route

route outside



The ASA 5505 ships with a default configuration that, in most cases, is sufficient for a basic SOHO deployment.

The configuration includes two preconfigured VLAN networks: VLAN1 and VLAN2.
VLAN 1 is for the inside network and VLAN 2 is for the outside network.

The inside interface also provides DHCP addressing and NAT features. Clients on the inside network obtain a dynamic IP address from the ASA so that they can communicate with each other and with devices on the Internet. 

Specifically, the default factory configuration for the ASA 5505 configures the following:
*A default host name of ciscoasa
*Console or enable passwords which are blank.
*An inside VLAN 1 interface that includes the Ethernet 0/1 through 0/7 switch ports. The VLAN 1 IP address and mask are and
*An outside VLAN 2 interface that includes the Ethernet 0/0 switch port. VLAN 2 derives its IP address from the ISP using DHCP.
*The default route that is derived from DHCP.
*All inside IP addresses to be translated when accessing the outside using interface PAT.
*The HTTP server to support ASDM access.
*An internal DHCP server to provide addresses between and for hosts that connect to a VLAN 1 interface.

The ASA can be restored to its factory default configuration by using the global configuration command:

configure factory-default


The ASA startup configuration can be erased using the commands:

write erase   and   reload


Once rebooted, the ASA displays the following prompt "Pre-configure Firewall now through interactive prompts [yes]?" 

Basic Config

hostname nam -Changes the name of the ASA
clock set 8:05:00 3 OCT 2011
domain-name name - Changes the domain name.
enable password password - Configures the privileged EXEC mode password. Note that there is no secret option.
passwd password - Configures the Telnet / SSH password
key config-key password-encryption [new-passphrase [old-passphrase]] - Creates or changes an existing master passphrase created to encrypt all passwords (aes). (similar to IOS service password-encryption
password encryption aes


Configure the Interfaces (vlan interfaces)

interface vlan <vlan-number> - Creates a switch virtual interface (SVI).
nameif <name>                - Assigns a name to the SVI interface.
security-level <value>       - Assigns a security level to the SVI interface
no shutdown                  - enables the Layer 2 port

show switch vlan
show interface
show int ip brief


IP address config

ip address ip-address netmask - Manually
ip address dhcp - Using DHCP
ip address dhcp setroute - also requests and installs a default route to the upstream device.
ip address pppoe  - Using PPPoE
ip address pppoe setroute - also requests and installs a default route


CAUTION: An ASA 5505 with a Base license does not allow three fully functioning VLAN interfaces to be created.

Default route
If an ASA is configured as a DHCP client, then it can receive and install a default route from the upstream device. 
Default static route will have to be configured using the usingcommand

route interface-name next-hop-ip-address
route outside
show route


Configure Telnet Access

passwd password - Configures the Telnet / SSH password.
telnet - Identifies which inside host can telnet to the ASA.
telnet management
telnet timeout minutes - Alters the default exec timeout of 5 minutes


SSH is also supported but requires AAA authentication to be enabled. 

username name password password - Creates a local database entry.
aaa authentication ssh console LOCAL - Configures SSH to refer to the local database for authentication. The LOCAL keyword is case sensitive and is a predefined server tag.
crypto key generate rsa modulus 1024 - Generates the RSA key required for SSH encryption.
ssh ip-addresssubnet-maskinterface-name - Identifies which inside host can SSH to the ASA.
ssh timeout minutes - Alters the default exec timeout of 5 minutes.
show ssh


Configure NTP Services

ntp server ip-address   - Identifies the NTP server address.
ntp authentication-key    - Configures the authentication key and password.
ntp trusted-key value    - Identifies which configured key is to be trusted.
ntp authenticate    - Enables NTP authentication.
show ntp status
show ntp associations


Configure DHCP Services
An ASA can be configured to be a DHCP client and a DHCP server. 
DHCP Server

dhcpd enable inside   - Enables the DHCP server service (daemon) on the inside interface of the ASA.
dhcpd address [start-of-pool]-[end-of-pool] inside - Defines the pool of IP addresses and assigns the pool to inside users. Notice that the start-of-pool and end-of-pool IP addresses are separated by a hyphen.


Note: The ASA 5505 Base license is a 10-user license and therefore the maximum number of DHCP clients supported is 32.

DHCP options such as DNS, domain name, WINS, and lease time can all be manually configured as follows:
dhcpd domain domain-name - Configures the DNS domain name.
dhcpd dns dns-ip-address - Configures the DNS server IP address. 
dhcpd wins wins-ip-address - Command to configure the WINS server address.
dhcpd lease seconds - Configures the lease time in seconds. The default is 3600 seconds (1 hour).
dhcpd option value - Configures the DHCP option code. Option code is in the range 0 - 250.


If the ASA outside interface was configured as a DHCP client, then the dhcpd auto_config outside global configuration command can be used to pass DNS, WINS, and domain information obtained from the DHCP client on the outside interface to the DHCP clients on the inside interface.



show dhcpd state - Displays the current DHCP state for inside and outside interfaces.
show dhcpd binding - Displays the current DHCP bindings of inside users.
show dhcpd statistics - Displays the current DHCP statistics.


To clear the DHCP bindings or statistics, use the commands

clear dhcpd binding
clear dhcpd statistics


Rs from http://sclabs.blogspot.com/2013/01/chapter-10-implementing-cisco-adaptive.html


More Cisco ASA Reviews and Topics

Cisco ASA IPS Module Configuration

WAYS to Help You Set Up Your Small, Medium and Large Networks

Cisco ASA Failover, Failover Modes & ASA Failover Configuration

ASA Routed vs. Transparent

ASA 5505 vs. ASA 5510 vs. ASA 5512-X vs. ASA 5515-X

Does Cisco ASA 5500-X Series Support Both IPS and AVC/WSE in One Box?

Read more

More Cisco 2960-S Reviews, Model Comparison

June 24 2014 , Written by Cisco & Cisco Router, Network Switch Published on #Cisco Switches - Cisco Firewall

Cisco 2960-S series is the most popular enterprise-class switches for campus and branch access applications among the previous access switches. (Cisco2960G and 2960 Series are end of life and end of sale.) What features of Cisco 2960-S series would you care more about while selecting?


First of all, let’s check the main features:

Cisco 2960-S Switches-Main Features

24/48 10/100/1000 ports with fixed uplinks–PoE and Non-PoE models

Fixed Uplink Options: 4x1G or 2x10G SFP+

FlexStack Technology: Features 20G stacking links

Power over Ethernet

  • Full standards-based PoE on every port
  • PoE+ support for next-generation high-power devices



  • Very low power for Gigabit Ethernet Switch
  • New EnergyWise functionality to control PHY power
  • Half the power of Catalyst 2960G


E-LLW, NBD and 90 day TAC support

LAN Lite and LAN Base Software Options

LAN Lite option provides entry-level Gig-E platform


More Details of Cisco 2960-S Series

10/100 Ethernet for Out Of Band (OOB) network mgmt (new for C2960-S series)

USB Flash-type A, external Flash storage

USB console (type B) and RJ45 console supported

Dram: 128MB

On board Flash: 64MB

  • Low Latency

RPS support: CAB-E type cable. (CAB-RPS2300-E=)


GOLD–OnLine Hardware Diagnostics

Crypto images (K9)–shipped from Mfg

Single SDM Template–Fixed TCAM Resources


  • More security ACL resources than Catalyst 2960
  • IPv6 functionality built-in to TCAM Resources
  • No modification and reboot required


9198 Bytes max MTU

  • 9000 bytes max for Catalyst 2960

OBFL–HW failure logging capability


C2960-S Model Comparison


10/100/1000 Ethernet ports


IOS Feature Set

Available PoE Power

FlexStack Stacking

Cisco Catalyst


2 SFP+

LAN Base



Cisco Catalyst


2 SFP+

LAN Base



Cisco Catalyst


2 SFP+

LAN Base



Cisco Catalyst


2 SFP+

LAN Base



Cisco Catalyst


2 SFP+

LAN Base



Cisco Catalyst



LAN Base



Cisco Catalyst



LAN Base



Cisco Catalyst



LAN Base



Cisco Catalyst



LAN Base



Cisco Catalyst



LAN Base



Cisco Catalyst



LAN Lite



Cisco Catalyst



LAN Lite




Key LAN Lite vs LAN Base Highlights of Cisco 2960, 2960-S Series



Catalyst 2960-S FlexStack

FlexStack available with optional Module

  • Hot Swappable with two wire-speed 10G ports
  • Copper cables, NOT fiber. No SFP needed

Up to 4 switches in a stack

Unified switch management, and control

  • similar look and feel as StackWise

3 FlexStack Cable lengths supported. Cisco Proprietary

  • 0.5 meters, 1.0 meter, 3.0 meter


Catalyst 2960-S FlexStack Stack Module

FlexStack available with optional Module

  • Hot Swappable with two wire-speed 10G ports
  • Up to fourswitches in a stack
  • Unified management, control, and data plane (similar look and feel as StackWise)
  • Cross-stack EtherChannel, SPAN, and FlexLink supported
  • Support same CISCO-STACKWISE-MIB


FlexStack Module inserted in the left rear of the switch.

FlexStack module is optional for C2960-S switch operation

Yes–Hot Swappable

Blank plate required when FlexStack Module not inserted


Catalyst 2960-S Sustainability Green

Cisco Technology Innovation

Lowest Power Consumption in Industry

  • Improving Gigabit Ethernet switching power efficiency
  • Cisco low power consumption ASICs
  • Uses 50% power of equivalent Ethernet switches in the market

Additional Power savings

Reduce power per with Interface “sleep mode” when not in connected

EnergyWise Capable


Why it’s low power of Catalyst 2960-S?

New Cisco ASIC Designed for low power consumptionnew ASIC: Enhancements made from current ASIC in 2960

High density: all interfaces on same physical ASIC

Enhanced efficiency of power supplies.

HW designed for power savings, not just cost savings

Power supply efficiency improvements

5% improvement over previous generation C2960G

Cisco 2960-S is a green network switches that can save more power, and cost-effective. It is the top choice for Cisco users who need to set up a network for branch office, entry-level enterprise and midmarket.


If you want to read more Cisco 2960-S models, you can visit: http://www.router-switch.com/Price-cisco-switches-cisco-switch-catalyst-2960_c19


More Related Cisco 2960-S Topics

Cisco 2960S and 2960-X Series’ Problems from Users

Cisco Catalyst 2960-X Comparison & Features

Cisco Catalyst 2960-24TC-L Review

Compare Cisco 2960 Models

Cisco 2960 vs. Catalyst 3560

Cisco Catalyst 2960-X/XR vs. Catalyst 3650 vs. Cisco 3850 Series

Read more

Why Upgrade Cisco ASA 5500-X Series?

May 26 2014 , Written by Cisco & Cisco Router, Network Switch Published on #Cisco Switches - Cisco Firewall

Why Cisco upgraded Cisco ASA 5500-X Series? Can you guess and find out the reasons? Some experts listed like these: Multifaceted, highly dynamic applications and the growing acceptance of bring-your-own-device (BYOD) have dramatically altered the security landscape; with more than 100,000 new web-based threats emerging each day, businesses need a security solution that’s proactive, comprehensive, and network-integrated-and that helps accelerate business operations.


Well, Cisco’s ASA Next-Generation Firewall Services add next-generation capabilities like Application Visibility and Control (AVC) and Web Security Essentials (WSE) to the industry’s most proven stateful inspection firewall-for end-to-end network intelligence and streamlined security operations.

1. Proactive Security

Cisco ASA 5500-X Series Next-Generation Firewalls protect networks against many types of malware, including web-based threats, vulnerabilities, and advanced persistent threats (APTs) via Cisco Cloud Web Security and Cisco Security Intelligence Operations (SIO).

Cisco Cloud Web Security provides centralized, cloud-based integration with Cisco ASA firewalls and integrated services routers, delivering localized network security, comprehensive malware protection, visibility and control of web applications.

Cisco SIO is a cloud-based service that performs real-time analysis of telemetry from nearly two million security devices and more than 150 million mobile endpoints throughout the world. Continuous updates on Internet threats, network vulnerabilities, and host site reputation are sent to Cisco security devices every three to five minutes, providing near real-time protection from zero-day threats. Cisco customers can use this information to develop and enforce more granular, robust security policies to proactively protect their networks months ahead of a specific threat.


2. Comprehensive Suite of Security Services

Cisco ASA 5500-X Series integrates with a wide range of software- and cloud-based security services that our customers need today, and are built to scale to the meet the functional and security requirements of future networks. Current next-generation firewall services include:

Application Visibility and Control (AVC)

Web Security Essentials (WSE)

Intrusion prevention (IPS)

Botnet filter

Cisco AnyConnect VPN

Cisco Cloud Web Security (CWS)

Multiple software services can be run simultaneously on the same firewall without significant performance degradation.


3. Network Integration

Customers can choose their security deployment options based on their business needs and challenges with Cisco ASA 5500-X Series. By integrating the firewall with the network infrastructure, IT can simplify firewall management and optimize protection. Cisco TrustSec is available on Cisco ASA Software Release 9.0 and later to allow firewalls to participate in a broader policy framework that can simplify firewall policy management by as much as 80% and more rapidly adapt to changing users.

ASA 5500-X Series firewalls are designed to integrate with Cisco Cloud Web Security. For customers interested in granular AVC capabilities and differentiated access based on users, devices, and applications, the firewalls provide an on-premise security solution.


4. Performance without Compromise

Cisco ASA 5500-X Series Next-Generation Firewalls help increase the performance of the most critical network services by providing:

300% higher firewall throughput than the previous generation

60% higher VPN throughput than the previous generation

Multicore enterprise-class CPUs

Next-generation encryption support

Integrated IPS acceleration hardware on the ASA 5525-X, 5545-X, and 5555-X firewalls

Cisco ASA Next-Generation Firewall Services enable organizations to rapidly adapt to evolving business needs without abandoning time-tested methods. Blending a proven stateful inspection firewall application with user ID awareness and a host of additional network-based security controls, ASA Next-Generation Firewall Services deliver end-to-end network intelligence and streamlined security operations for enhanced visibility and control of network traffic.

PDF File from http://www.smbpartner.net/email/news/DE/2013/2013_07/download/asa_5500x_migration_e.pdf


More Related Cisco ASA 5500 Reviews and Topics:

ASA 5505 vs. ASA 5510 vs. ASA 5512-X vs. ASA 5515-X

Cisco ACLs In and Out on Cisco ASA

Cisco ASA Failover, Failover Modes & ASA Failover Configuration

Cisco ASA IPS Module Configuration

Multiple Vulnerabilities in Cisco ASA Software

Read more

Cisco Catalyst 4500-E & 4500-X Series Network Virtualization Solutions

May 22 2014 , Written by Cisco & Cisco Router, Network Switch Published on #Cisco Switches - Cisco Firewall

Why Network Virtualization? How many types? What Problems Do Network Virtualization Solutions Help Solve? How does the Virtual Switching System work on Cisco Catalyst 4500-E & 4500-X Series? In this article, we will share the answers and tips of the above questions.  What is the exact Network Virtualization? Let’s see here:

With network virtualization, users can:

Lower total cost of ownership.

Achieve regulatory compliance for network segmentation.

Reduce application recovery times and business disruption as well as network complexity, to increase operational efficiency and return on investment while lowering OpEx and CapEx.


Types of Network Virtualization

Two types of network virtualization are: device pooling with the Virtual Switching System (VSS) technology, and Layer 3 network segmentation using Virtual Route Forwarding (VRF)-Lite, Cisco Easy Virtual Network (EVN), and Multiprotocol Label Switching (MPLS).

The VSS technology on the Cisco Catalyst 4500-E and 4500-X Series Switches will add a new, powerful tool for IT managers to build resilient, highly available networks while optimizing traffic load balancing. It will be enabled in a future software release.

With the VRF-Lite feature, Catalyst 4500-E and 4500-X Series Switches support multiple VPN routing and forwarding (VRF) instances for network segmentation. (VRF-Lite is also referred to as multi-VRF Customer Edge). This technology does not need to use MPLS to support such instances; it relies instead on the configuration of Layer 3 interfaces on the interswitch links.

EVN is an enhancement of the existing VRF-Lite technology that improves Layer 3 traffic separation and path isolation on a shared network infrastructure. EVN reduces the user configuration burden and:

- Simplifies Layer 3 network virtualization without requiring MPLS end-to-end capabilities.

- Enhances shared services support, management, troubleshooting, and usability.


What Problems Do Network Virtualization Solutions Help Solve?

EVN is a Cisco innovation meant to overcome the overhead issues of the traditional VRF-Lite solution. With the VSS technology on Cisco Catalyst 6500 Series and now also on the Catalyst 4500-E and 4500-X Series Switches, campus networks can be designed in a way that eliminates the traditional drawbacks of multilayer network topologies, such as stateless network-level failovers resulting in increased application recovery times and business disruption; network complexity leading to lower operational efficiency and higher OpEx; and underutilized resources leading to lower return on investment and higher CapEx.


Cisco Easy Virtual Network

Cisco EVN technology uses the Virtual Network Trunk to significantly reduce the configuration required to implement network virtualization across the entire network infrastructure. The traditional VRF-Lite solution requires creating one interface per VRF on all switches and routers involved in the data path, a time-consuming process that can become a configuration management burden.

EVN also uses route replication technology to improve shared services support. Route replication technology makes it possible to link routes from a shared VRF to several segmented VRFs, simplify the configuration of importing and exporting routes, remove duplicate routing tables or routes, saving memory and CPU cycles.

Figure1. VRF-Lite vs EVN Configuration with multiple Interior Gateway Protocol Instances (IGPs)



Virtual Switching System on 4500-E and 4500-X Series

The Cisco Virtual Switching System (to be enabled in a future software release) is a clustering technology that pools two Cisco Catalyst 4500-E Series Switches with Cisco Catalyst Supervisor Engine 7-E or 7-LE or two Catalyst 4500-X Series Switches into a single virtual switch. In a VSS, the data plane of both clustered switches is active at the same time in both chassis. VSS members are connected by virtual switch links (VSLs) using standard Gigabit or 10 Gigabit Ethernet connections between the VSS members.

VSLs can carry regular user traffic in addition to the control plane communication between the VSS members.

Table1 summarizes the planned configurations and capabilities for VSS (may be subject to change).

Table1. Cisco Virtual Switching System on 4500-E and 4500-X Series Switches



What Are the Benefits of Virtualization Solutions?

Virtualization solutions offer improved management capabilities, advanced security, and optimized network resource usage.


Device Pooling: Virtual Switching System reduces network complexity by combining two separate physical chassis into a single control plane. VSS offers the following advantages:

Enables multipathing with Layer 2 Multichassis EtherChannel (MEC) between access and distribution (increase in link utilization).

Business continuity with improved resiliency (~200 ms) in case of a link or network device failure, with no impact to voice or video applications.

Reduces touch points with a single management and control plane between two physical switches (optimized for core and distribution deployments).

Eliminates the need for spanning tree and offers a loop-free topology between the access and distribution with Layer 2 MEC.

Simplifies and reduces network topology complexity by eliminating the need for first-hop redundancy protocols like Hot Standby Router Protocol (HSRP), Gateway Load Balancing Protocol (GLBP), or Virtual Router Redundancy Protocol (VRRP).


Figure2. Physical vs Logical Topology in a VSS Configuration


Layer 3 Network Segmentation: The traditional VRF-Lite solution usually requires a lot of configuration management. EVN reduces configuration time significantly across the entire network infrastructure without requiring the use of MPLS. Advantages include:

Uses the vnet trunk command to propagate segmentation information between devices.

Does not require the MPLS infrastructure to propagate a segmentation tag.

More Related Cisco 4500 Reviews:

Power Supplies for the Cisco Catalyst 4500-E Series

Cisco Catalyst 4500-E & Cisco 4500 Series Model Comparison


Supervisor Engine 6-E vs. Supervisor Engine 7-E vs. Supervisor Engine 8-E

Read more

Cisco 6880-X vs. Catalyst 4500X

April 8 2014 , Written by Cisco & Cisco Router, Network Switch Published on #Cisco Switches - Cisco Firewall

Cisco Catalyst 6880-X is a highly scalable and manageable solution for user access offering up to 1008 (FCS) 10/100/1000 ports within a single management system when working with the Catalyst 6800ia remote linecard, while providing the same feature set as a regular Catalyst 6500 that you might be longing for. What do you need to know about Cisco 6880-X? We will summarize some main highlights for you.

The Cisco Catalyst 6880-X and Port cards


Chassis-Cisco 6880-X Series


  • 6880-X comes in two flavors
    • C6880-X-LE (Lite) with smaller hardware table
    • C6880-X (Heavy) with larger hardware table
  • Single fixed Supervisor (based on SUP2T) 
  • Require minimum IOS 15.1SY with feature parity to SUP2T
  • Capable of 220 Gbps/Slot. Total of 2Tbps. 4Tbps in VSS.
  • Built-in 16 x 10G (10/100/1000 with Copper SFP or 1G/10G with SFP/+)
    • 80 Gbps to backplane (ie. 2:1 Oversubscription)
    • Based on WS-X6904-40G (also support up to 16 x 10G)
    • Can disable second half of port ASIC to enable line rate (Performance Mode)
  • Four half-width expansion slots available
  • Dimension 8.5x 17.36 x 23 inches, Height = 4.85 RU
  • Dual 3KW Power Supply
  • Side-to-side airflow


Linecard-Catalyst 6880-X Switches


  • 16-Port 10G Module
  • Also comes with two flavors
    • C-6880-X-LE-16P10G (Lite) with smaller hardware table
    • C-6880-X-16P10G (Heavy) with larger hardware table
  • 16 x 10G (10/100/1000 with Copper SFP or 1G/10G with SFP/+)
    • 80 Gbps to backplane (ie. 2:1 Oversubscription)
    • Based on WS-X6904-40G (also support up to 16 x 10G)
    • Can disable second half of port ASIC to enable line rate (Performance Mode)
    • In other word, this is identical to the built-in ports
  • Linecard type can be mixed with chassis type but they will operate at the lowest common denominator, hence not recommended.


Catalyst 4500X vs. Cisco 6880-X


If you are familiar with Catalyst 4500X, you can see that they have a lot of similarity, being able to support 1G/10G on all ports, and VSS capable. Since 4500X max out at 40 ports, if you have a need to exceed that, 6880-X could certainly be your option by scaling up to 80 ports. Despite the 2:1 oversubscription of 6800-X, the benefit of centralized configuration with 6800ia can be very compelling. Finally, the lack of modularity and redundancy of the Supervisor can easily be overcome by deploying VSS.

More Related Cisco Switch Topics:

Cisco Catalyst 6880-X Series Review

Cisco Catalyst 6800: New Name, Same Game

Cisco Delivers “Monster” Catalyst Switch, Routers for SDN Environments

Cisco Catalyst 6800 Switch and Friends

Read more

Cisco Catalyst 3750 V2 Series, Features and Configurations

March 4 2014 , Written by Cisco & Cisco Router, Network Switch Published on #Cisco Switches - Cisco Firewall

The Cisco Catalyst 3750 v2 Series is a next-generation energy-efficient Layer 3 Fast Ethernet stackable switch. It supports Cisco EnergyWise technology, which helps you manage the power consumption of your network, thereby reducing energy costs and carbon footprint.

The Cisco 3750 v2 Switch consumes less power than its predecessors and is an ideal access layer for enterprise, retail, and branch environments. It helps increase productivity and protects your network investment by providing a unified network for data, voice, and video.

Cisco Catalyst 3750 v2 Switches (Front and Back)


Catalyst 3750 v2 Series Highlights

• Lower power consumption than its predecessors

• Backward compatible with Cisco Catalyst 3750 and 3750-E Series Switches

EnergyWise support to monitor energy consumption of network infrastructure and implement energy saving programs to reduce energy costs

• Open shortest path First (OSPF) routing with IP Base feature set

• Compatible with Cisco Redundant Power System (RPS) 2300

• Uniform depth of 11.9 inches on all units for better cable management

• IPv6 routing included in the IP Services feature set

Cisco Switch Configurations

The Cisco Catalyst 3750 v2 Series consists of the switches listed in the following table.




24 Ethernet 10/100 ports and 2 Small Form-Factor Pluggable (SFP) Gigabit Ethernet ports; 1 rack unit (RU)


48 Ethernet 10/100 ports and 4 SFP Gigabit Ethernet ports; 1RU


24 Ethernet 10/100 ports with Power over Ethernet (PoE) and 2 SFP Gigabit Ethernet ports; 1 RU


48 Ethernet 10/100 ports with PoE and 4 SFP Gigabit Ethernet ports; 1RU


24 Ethernet 100FX SFP ports and 2 SFP Gigabit Ethernet ports; 1 RU; Transceivers are optional and not included with the base switch

Cisco Catalyst 3750 V2 Software

The Cisco Catalyst 3750 v2 Series can be purchased with the IP Base or IP Services license preinstalled.

The IP Base license offers advanced quality of service (QoS), rate limiting, and access control lists (ACLs), and basic static and Routing Information Protocol (RIP) and OSPF routing functions.

The IP Services license provides a richer set of enterprise-class features, including advanced hardware-based IP unicast and IP multicast routing as well as policy-based routing (PBR). The Advanced IP Services license, which includes IPv6 routing and IPv6 ACL support, is now included in the IP Services license. Upgrade licenses are available to upgrade a switch from the IP Base license to the IP Services license.

Cisco Catalyst 3750 V2 Series-Cisco EnergyWise& Power over Ethernet

We mentioned that Cisco Catalyst 3750 v2 Series supports Cisco EnergyWise, which is a technology that enables monitoring, reporting, and management of energy consumption by end devices that are EnergyWise enabled. This technology enables companies to reduce their energy costs and carbon footprints. EnergyWise features enable you to:

• Discover all Cisco EnergyWise enabled devices on the network

• Monitor and report power consumption by these devices

• Implement business rules to control power to these end devices

Power over Ethernet: The Cisco Catalyst 3750 v2 Series can provide a lower total cost of ownership (TCO) for deployments that incorporate Cisco IP Phones, Cisco Aironetwireless LAN (WLAN) access points, or any IEEE 802.3af-compliant end device.

PoE eliminates the need for wall power outlets for each PoE-enabled device and significantly reduces the cost for additional electrical cabling that would otherwise be necessary in IP phone and WLAN deployments.

The Cisco Catalyst 3750 v2 24-port PoE switch can support Class 3 PoE or 15.4 watts (W) of PoE power on all 24 ports. Taking advantage of Cisco Catalyst Intelligent Power Management, the Cisco Catalyst 3750 v2 48-port PoE configurations can deliver the necessary power to support 24 ports at 15.4W, 48 ports at 7.7W, or any combination in between. Maximum power availability for a converged voice and data network is attainable when a Cisco Catalyst 3750 v2 Series Switch is combined with the Cisco RPS 2300 for protection against internal power supply failures and an uninterruptible power supply (UPS) system to safeguard against power outages.

More Cisco Catalyst 3750 v2 Series Switches data sheet: Primary Features and Benefits, Enhanced Security, High-Performance IP Routing, Integrated Cisco IOS Software Features for Bandwidth Optimization, Cisco Catalyst 3750 v2 Series Switch Hardware, etc. You can see:


As we known, Cisco 3750 V2 series is famous for allowing customers to build a unified, highly resilient switching system, one switch at a time, and improving LAN operating efficiency by combining industry-leading ease of use and high resiliency for stackable switches.

So Cisco 3750 version 2 series wins a number of fans among Cisco switch users. If you are willing to choose a Cisco 3750 V2 series, you can check some hot models of Cisco Catalyst 3750 V2 switch at router-switch.com:


More Cisco Catalyst 3750 Info and Tutorials:

CISCO Catalyst 3750 Family

How to Configure a Cisco 3750?

How to Add a DHCP Range to a Cisco 3750 Switch?

Cisco 3750 Stacking Configuration

Cisco Announced End-of-Sale and End-of-Life for Cisco Catalyst 3750/3560G&E Switches

Read more
<< < 1 2 3 4 5 6 7 8 9 10 > >>